CVE-2024-54171

Name of the Vulnerable Software and Affected Versions IBM EntireX version 11.1

Description The issue is related to an XML external entity injection (XXE) attack when processing XML data. An authenticated attacker could exploit this to expose sensitive information or consume memory resources.

Recommendations For IBM EntireX version 11.1, consider disabling XML external entity processing until a patch is available. Restrict access to sensitive data and monitor memory resources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.